Apple Apologizes About FaceTime Bug, Software Update With Fix Delayed Until Next Week

Friday February 1, 2019 6:10 am PST by Joe Rossignol

Apple issued the following statement to MacRumors today in which it apologized for a major FaceTime eavesdropping bug:
We have fixed the Group FaceTime security bug on Apple's servers and we will issue a software update to re-enable the feature for users next week. We thank the Thompson family for reporting the bug. We sincerely apologize to our customers who were affected and all who were concerned about this security issue. We appreciate everyone's patience as we complete this process.

We want to assure our customers that as soon as our engineering team became aware of the details necessary to reproduce the bug, they quickly disabled Group FaceTime and began work on the fix. We are committed to improving the process by which we receive and escalate these reports, in order to get them to the right people as fast as possible. We take the security of our products extremely seriously and we are committed to continuing to earn the trust Apple customers place in us.
Widely publicized on Monday, the FaceTime bug allowed one person to call another person via FaceTime, slide up on the interface and enter their own phone number, and automatically gain access to audio from the other person's device without that person accepting the call. In some cases, even video was accessible.

We demonstrated the bug in a video earlier this week:


Apple disabled Group FaceTime as a temporary server-side solution, preventing the bug from working any longer. Apple is also working on a software update with a permanent fix that it originally said would be available this week, but it has been delayed until next week, according to Apple's statement.

Apple thanked the Thompson family for reporting the bug—supposedly over a week before it made headlines—and said it is committed to improving the process by which it receives and escalate these reports in order to quash bugs faster.

Apple already faces a lawsuit in Texas and a proposed class action lawsuit in Canada over the bug. Given the serious privacy implications involved, it is certainly possible there will be more class action lawsuits to come.

Tags: FaceTime, FaceTime Listening Bug
[ 233 comments ]

Top Rated Comments

(View all)

Avatar
MacFather
13 months ago
I'm surprised they didn't blame Scott Forstall again.
Rating: 47 Votes
Avatar
weup togo
13 months ago
This woman did *everything* right. She got blown off by the security team! Apple's cancerous hiring growth has lead to a mountain of people with no clue about Apple's actual culture or standards. We see the results in the headlines here daily for the last few years.
Rating: 38 Votes
Avatar
mjharwaz
13 months ago
Am I the only person in the world who thinks the process to even get to this bug is asinine and outside of the normal use case of the average person? In what scenario does one find themselves thinking "oh, the other party isn't answering, maybe I should just FaceTime myself?"

Yes, it's a problem that something like this could be exploited to spy on someone, but without the publicity how many people would have ever tried this in their lifetime, let alone the week it was a problem?
Rating: 33 Votes
Avatar
otternonsense
13 months ago
Stop apologising and do some basic freaking testing and QA before rolling out (delayed) promised features. Every week there's a different bug, "gate" or whatnot.
Rating: 27 Votes
Avatar
ImAnAgent
13 months ago
It's impossible to uncover all bugs in any software release no matter what company is involved. That's why releases continue to happen any why beta releases take place. If the bugs aren't found during the betas, you can't blame these companies for releasing a version they feel is ready.
Rating: 26 Votes
Avatar
az431
13 months ago

Stop apologising and do some basic freaking testing and QA before rolling out (delayed) promised features. Every week there's a different bug, "gate" or whatnot.


Your assumption is that because a bug manifests itself, that Apple doesn't do "basic freaking testing," which is both illogical and incorrect. That's basically like saying if people were careful there would never be a car accident. Duh.

Regardless of how much testing is done, bugs will pop up, especially in something as complex as an operating system, and especially when you have 1.4 billion devices running that operating system.

The problem here is Apple's system for handling bug reports is horrible. I've reported bugs that were indeed bugs, and Apple either responded with some canned nonsense about it being intended or didn't respond at all. Then 2-3 years later the bug was fixed. Anytime you have to deal with Apple outside the context of the Apple Store it's a mess.
Rating: 21 Votes
Avatar
eicca
13 months ago
Meanwhile, Google, Facebook, Amazon, etc are boldly and obviously stealing EVERYTHING from you and nobody bats an eye.
Rating: 20 Votes
Avatar
snowboarder
13 months ago

I'm surprised they didn't blame Scott Forstall again.


or China
Rating: 16 Votes
Avatar
otternonsense
13 months ago

And that's probably because new features are becoming more and more complex to develop.


Yes, like adding poop emoji heads and crappy overlays on 32 people. Priorities.
Rating: 16 Votes
Avatar
iName
13 months ago
Google and Facebook invade your privacy every day in more insidious ways than you can imagine but THIS is what gets people up in arms? Give me a break.
Rating: 16 Votes

[ Read All Comments ]